package com.chengzzz.mysite.config;



import com.chengzzz.mysite.filter.ShiroFilter;
import com.chengzzz.mysite.realm.CustomRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.bind.annotation.CrossOrigin;

import javax.servlet.Filter;
import java.util.Hashtable;
import java.util.Map;

/**
 * <p>
 * ShiroConfig
 * </p>
 *
 * @author 等什么柠檬君
 * @since 2020/8/10
 */

    @Configuration
    @CrossOrigin
    public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        Map<String,String> map = new Hashtable<>();
       // map.put("/main","authc");
        map.put("/Service/test","perms[all]");
        map.put("/Service/Admin/**","roles[admin]");

        factoryBean.setFilterChainDefinitionMap(map);

//        //设置登录页面
       factoryBean.setLoginUrl("/Service/unlogin");
        //设置未授权页面
//用户未登录不进行跳转，而是自定义返回json数据
//        Map<String, Filter> filters = factoryBean.getFilters();//获取filters
//        filters.put("authc", new ShiroFilter());//将自定义 的FormAuthenticationFilter注入shiroFilter中
      factoryBean.setUnauthorizedUrl("/Service/unauth");
        return factoryBean;
    }


    @Bean
    public DefaultWebSecurityManager securityManager(@Qualifier("accoutRealm") CustomRealm accoutRealm){
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(accoutRealm);
        return manager;
    }

    @Bean
    public CustomRealm accoutRealm(){
        return new CustomRealm();
    }

}
